US20060031678A1 - Image processing apparatus and its method - Google Patents
Image processing apparatus and its method Download PDFInfo
- Publication number
- US20060031678A1 US20060031678A1 US11/199,143 US19914305A US2006031678A1 US 20060031678 A1 US20060031678 A1 US 20060031678A1 US 19914305 A US19914305 A US 19914305A US 2006031678 A1 US2006031678 A1 US 2006031678A1
- Authority
- US
- United States
- Prior art keywords
- data
- electronic signature
- signature
- image data
- feature amount
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Definitions
- the present invention relates to an image processing apparatus and its method, and more particularly, to image processing for generating image data with electronic-signature data for guarantee of data validity (alteration and guarantee of source).
- a sender A obtains a hash value (HV) of electronic data to be transmitted using a hash function, then encrypts the obtained HV with a secret key, then attaches the HV to the electronic data as an electronic signature value, and transmits the electronic data with the electronic signature value to a receiver B. Further, when the electronic signature value is transmitted to an authentication bureau C, the authentication bureau C transmits, the electronic signature value and a certificate of the sender A issued by the authentication bureau C, and a public key, as a set, to the receiver B.
- HV hash value
- the receiver B obtains the HV of the electronic data received from the sender A using the hash function, further, obtains the HV by decoding the electronic signature value received from the authentication bureau C with the received public key. Then the receiver B compares the two HV values and determines whether or not the electronic data has been altered.
- a receiver manages plural public keys and uses a public key corresponding to received signature data, as in the case of management of plural secret keys.
- Japanese Patent Application Laid-Open JP 2002-281475 discloses a method for generating an image-data electronic signature via a signature server.
- An image sensing apparatus transmits image data to a client, encrypts an HV of the image data and transmits the data to a signature server.
- the signature server decodes the HV, performs electronic signature processing and transmits signature data to the client.
- the secret key can be unified.
- the signature server decodes the encrypted HV of image data, encrypts the HV with the secret key in the signature server and transmits the HV to the client. If the signature data itself is altered on a communication channel, the client cannot correctly perform signature verification. That is, as an verification result, it is determined that the image data has altered although the signature data has been altered.
- scan data can be transmitted to a designated destination by using a multi-function equipment provided in a convenience store, a public place or the like. In this case, it is significant to transmit correct data (unaltered data).
- known is a method for performing encryption and electronic signature processing on scan data using a secret key held in a device or an IC card and transmitting the image data with electronic signature.
- the foregoing object is attained by providing calculating a feature amount of image data, transmitting the feature amount to a signature server, receiving electronic signature data generated from the feature amount by the signature server, verifying the received electronic signature data using the feature amount, and if the result of verification indicates that the electronic signature data is proper for the image data, generating image data with electronic signature where the electronic signature data is added to the image data.
- FIG. 1 illustrates connection relation among multi-function devices, a signature server, clients and the like, according to an embodiment of the present invention:
- FIG. 2 is a block diagram showing the functional construction of the multi-function device
- FIG. 3 is a block diagram showing the hardware construction of the multi-function device
- FIG. 4 is a block diagram showing the hardware construction of the signature server, a mail server and the client;
- FIG. 5 is a flowchart showing processing performed by a controller of the multi-function device
- FIG. 6 is a flowchart showing the details of the processing performed by the controller of the multi-function device.
- FIG. 7 is a flowchart showing electronic-signature data generation processing performed by the signature server.
- FIG. 1 illustrates connection relation among multi-function devices, a signature server, clients and the like, according to an embodiment of the present invention.
- a signature server 11 , a mail server 12 , clients 13 and 15 , and multi-function devices 16 and 17 are interconnected via a network 14 .
- image data with signature transmitted from the multi-function device 17 is received by the client 15 via the mail server 12 .
- the multi-function device 17 transmits a feature amount of image data to the signature sever 11
- the signature server 11 transmits generated signature data to the multi-function device 17 .
- FIG. 2 is a block diagram showing the functional construction of the multi-function devices 16 and 17 .
- a controller 21 controls the multi-function device, and communicates with the outside via a communication interface 22 .
- the communication interface 22 is a network interface such as Ethernet ? , a serial bus interface such as USB (Universal Serial Bus) or IEEE 1394, an infrared communication, or a radio communication interface.
- the controller 21 controls a scanner engine 23 , a printer engine 24 , and a FAX (facsimile) board 25 .
- the printer engine 24 is a laser-beam printer, an ink-jet printer, or other type of printer.
- the FAX board 25 realizes a facsimile function by communication control upon facsimile transmission/reception of image.
- a user interface 26 having e.g. an LCD and a keyboard, displays information received from the controller 21 on the LCD, and sends an instruction inputted by a user with the keyboard to the controller 21 .
- the controller 21 receives a print job via the communication interface 22 , then selects the printer engine 24 to execute the received print job.
- the controller 21 selects the scanner engine 23 , to execute the scan job to obtain an image of a document placed on a document plate and transmit the obtained image to a designated client or the like via the communication interface 22 or the user interface 26 . Further, when an image transmission job is designated via the communication interface 22 , the controller 21 executes the transmission job to transmit a received image to a designated client or the like.
- the transmission job can be designated from the clients 13 and 15 and other multi-function devices.
- the format of transmission image data can be designated via the communication interface 22 or the user interface 26 .
- PDP Portable Document Format
- TIFF Tagged-Image File Format
- JPEG Joint Photographic Image Experts Group
- the controller 21 selects the printer engine 24 and the scanner engine 23 to duplicate an image of document placed on the document plate.
- the controller 21 selects the FAX board 25 to execute the facsimile transmission job to facsimile-transmit an image received via the communication interface 22 or a document image obtained by the scanner engine 23 . Further, when an image has been received via the FAX board 25 , the controller 21 causes the printer engine 24 to print-output the received image.
- controller 21 is capable of detection of feature amount of image data generated by a scan job, transmission of feature amount via the communication interface 22 to the signature server 11 , and reception and signature verification of signature data.
- FIG. 3 is a block diagram showing the hardware construction of the multi-function devices 16 and 17 .
- the controller 21 has a CPU 101 which performs processing programs to be described later, stored in a ROM 105 and a hard disk (DISK) 110 , with a RAM 102 as a work memory, and controls other units via a system bus 120 .
- the CPU 101 temporarily stores attribute information indicating the function and state of a job processed by the multi-function device, job data as the subject of output, a received image and the like, into the hard disk 110 .
- the user interface 26 has an LCD 103 and a keyboard 104 .
- FIG. 4 is a block diagram showing the hardware construction of the signature server 11 , the mail server 12 and the clients 13 and 15 .
- a CPU 201 performs programs of processings to be described later, stored in a ROM 205 and a hard disk 207 , with a RAM 202 as a work memory, and controls other units via a system bus 208 . Further, the CPU 201 displays a user interface, a processing state and a processing result on a monitor such as an LCD via a monitor interface 203 . Further, the CPU 201 receives the user's instruction via a pointing device such as a keyboard or a mouse connected to a keyboard interface 204 . Further, the CPU 201 temporarily stores attribute information indicating the function and status of a job processed by the multi-function devices 16 and 17 , job data as the subject of output, and the like, into the hard disk 207 . Further, the CPU 201 communicates with an external device via the communication interface 206 .
- the signature server 11 performs signature data generation processing to be described later.
- the mail server 12 performs processing as an electronic mail server based on a protocol such as an SMTP (Simple Mail Transfer Protocol), POP (Post Office Protocol) or an IMAP (Internet Message Access Protocol).
- the clients 13 and 15 perform the above-described print job, the scan job and the transmission job by the multi-function devices 16 and 17 , and perform processing to receive an electronic mail from the mail server 12 .
- FIG. 5 is a flowchart showing processing performed by the controller 21 of the multi-function devices 16 and 17 .
- the controller 21 performs image input processing by reading a document image by the scanner engine 23 or receiving image data via the communication interface 22 (S 1 ).
- the controller 21 calculates the feature amount of the input image data, and transmits the calculated feature amount via the communication interface 22 to the signature server 11 (S 2 ). Then, the controller 21 receives signature data generated by the signature server 11 , decodes the received signature data using a public key, corresponding to a secret key held in the signature server 11 , stored in the hard disk 110 or the like. Then the controller 21 compares the decoded signature data with the feature amount of the image data. If it is determined that they correspond with each other, the controller associates the signature data with the image data (S 3 ).
- the communication with the signature server 11 is not particularly limited, however, in the case of communication between the multi-function devices 16 and 17 , and the signature server 11 , it may be arranged such that information can be kept secret by SSL (Secure Socket Layer) or the like.
- SSL Secure Socket Layer
- the controller 21 transmits the image data with the signature data as an electronic mall via the communication interface 22 to the mail server 12 (S 4 ).
- the mail server 22 transmits the received electronic mail to the client 13 or 15 as a designated destination.
- image data with the signature data may be transmitted to the client 13 or 15 via the network not as electronic mail but as other form of data.
- FIG. 6 is a flowchart showing the details of the processing performed by the controller 21 of the multi-function devices 16 and 17 .
- the controller 21 When the scan job or transmission job has been designated via the user interface 21 or the communication interface 22 , the controller 21 performs the above-described image input processing (S 101 ), calculates a hash value (HV) as the feature amount of the input image data (S 102 ), and transmits the calculated HV, with a signature-data generation request, to the signature server 11 (S 103 ). Then the controller 21 receives signature data returned from the signature server 11 (S 104 ), decodes the received signature data and compares the signature data with the HV, thereby verifies the signature data (S 105 ).
- S 101 image input processing
- HV hash value
- the controller 21 determines that the signature data has been altered, and displays an error message on the user interface 26 or notifies it to a client or the like that designated the transmission job (S 108 ). Further, if it is determined that the compared two data correspond with each other (the signature verification has been normally performed), the controller 21 adds or attaches the signature data to the image data thereby generates image data with signature data (S 106 ), transmits the image data with signature data as an electronic mail to a designated transmission destination (S 107 ), and displays information on the transmission on the user interface 26 or notifies it to the client or the like that designated the transmission job (S 108 ).
- FIG. 7 is a flowchart showing electronic-signature data generation processing performed by the signature server 11 .
- the signature server 11 waits for the signature data generation request (S 201 ), and when the request has been received, encrypts an HV received with the request using a secret key held inside, thereby generates signature data (S 202 ).
- the signature server 11 abandons the received HV (S 203 ), and transmits the generated signature data, with a response to the received request, to a request originator ( 5204 ). Thereafter, the process returns to step S 201 .
- the secret key utilized in generation of signature is managed by the signature server 11 .
- the secret key is held only by the signature server 11 .
- the number of keys can be reduced, and the trouble of key management can be reduced.
- the hash value is generated by the multi-function devices 16 and 17 and signature is made by the signature server 11 , scan data itself does not flow on the network 14 . Accordingly, the above communication is secure in comparison with the conventional case where all the signature-related operations are performed in the signature server 11 .
- the clients 13 , 15 or the like easily recognizes the association between the signature data and the image data. Thus the trouble of management of association between signature data and image data can be reduced.
- the signature data is verified, and only if the result of verification is successful, the multi-function devices 16 and 17 transmit the image data with electronic signature. Accordingly, this prevents alteration of hash value and/or signature data in the middle of the communication channel between the multi-function devices 16 and 17 , and the signature server 11 .
- the present invention can be applied to a system constituted by a plurality of devices (e.g., host computer, interface, reader, printer) or to an apparatus comprising a single device (e.g., copying machine, facsimile machine).
- devices e.g., host computer, interface, reader, printer
- apparatus comprising a single device (e.g., copying machine, facsimile machine).
- the object of the present invention can also be achieved by providing a storage medium storing program codes for performing the aforesaid processes to a computer system or apparatus (e.g., a personal computer), reading the program codes, by a CPU or MPU of the computer system or apparatus, from the storage medium, then executing the program.
- a computer system or apparatus e.g., a personal computer
- the program codes read from the storage medium realize the functions according to the embodiments, and the storage medium storing the program codes constitutes the invention.
- the storage medium such as a flexible disk, a hard disk, an optical disk, a magneto-optical disk, CD-ROM, CD-R, a magnetic tape, a non-volatile type memory card, and ROM can be used for providing the program codes.
- the present invention includes a case where an OS (operating system) or the like working on the computer performs a part or entire processes in accordance with designations of the program codes and realizes functions according to the above embodiments.
- the present invention also includes a case where, after the program codes read from the storage medium are written in a function expansion card which is inserted into the computer or in a memory provided in a function expansion unit which is connected to the computer, CPU or the like contained in the function expansion card or unit performs a part or entire process in accordance with designations of the program codes and realizes functions of the above embodiments.
- the storage medium stores program codes corresponding to the flowcharts described in the embodiments.
Abstract
Description
- The present invention relates to an image processing apparatus and its method, and more particularly, to image processing for generating image data with electronic-signature data for guarantee of data validity (alteration and guarantee of source).
- In recent years, the Internet and electronized documents are widely used, and images are frequently converted to or generated as electronic data. However, there is a danger that the electronic data are altered in the progress of conversion via a network or storage into a storage medium. To prevent such alteration, an electronic signature technique has been developed.
- According to the electronic signature technique, a sender A obtains a hash value (HV) of electronic data to be transmitted using a hash function, then encrypts the obtained HV with a secret key, then attaches the HV to the electronic data as an electronic signature value, and transmits the electronic data with the electronic signature value to a receiver B. Further, when the electronic signature value is transmitted to an authentication bureau C, the authentication bureau C transmits, the electronic signature value and a certificate of the sender A issued by the authentication bureau C, and a public key, as a set, to the receiver B.
- The receiver B obtains the HV of the electronic data received from the sender A using the hash function, further, obtains the HV by decoding the electronic signature value received from the authentication bureau C with the received public key. Then the receiver B compares the two HV values and determines whether or not the electronic data has been altered.
- In the above technique, to protect the secret key of the sender A from others, it is desirable that duplication of secret key is impossible. However, in a case where a signatory is an organization or company, signature may be made by plural persons in plural places. If duplication of secret key is impossible, it is impossible for persons belonging to the organization or company to hold the same secret key. For this reason, in a case where such organization or company is a signatory, secret keys are generated for the persons and places to sign, and managed by the organization or company.
- To verify a signature, it is necessary to obtain a public key corresponding to a secret key used in the signature. Regardless of signatory, i.e., an organization, a company or a person, when plural secret keys are managed, a receiver manages plural public keys and uses a public key corresponding to received signature data, as in the case of management of plural secret keys.
- To simplify the key management, known is a method for electronic signature processing for unified secret key management by providing an electronic signature server.
- Japanese Patent Application Laid-Open JP 2002-281475 discloses a method for generating an image-data electronic signature via a signature server. An image sensing apparatus transmits image data to a client, encrypts an HV of the image data and transmits the data to a signature server. The signature server decodes the HV, performs electronic signature processing and transmits signature data to the client. According to the method, as a secret key utilized in the electronic signature is managed by the signature server, the secret key can be unified.
- However, in the above electronic signature generating method, as the sender of image data and that of signature data are different, it is necessary for the receiver (client) to associate the image data with the signature data, received from the different senders. If some error occurs in the management and discordance occurs between the signature data and the image data, verification of signature of image data cannot be correctly performed.
- Further, in the electronic signature generating method, the signature server decodes the encrypted HV of image data, encrypts the HV with the secret key in the signature server and transmits the HV to the client. If the signature data itself is altered on a communication channel, the client cannot correctly perform signature verification. That is, as an verification result, it is determined that the image data has altered although the signature data has been altered.
- As described above, in the method utilizing a signature server for unified management of secret key disclosed in JP 2002-281475, as image data and signature data are sent to a client from different senders, the receiver side takes a lot of trouble with association between the two data.
- Further, scan data can be transmitted to a designated destination by using a multi-function equipment provided in a convenience store, a public place or the like. In this case, it is significant to transmit correct data (unaltered data). For this purpose, known is a method for performing encryption and electronic signature processing on scan data using a secret key held in a device or an IC card and transmitting the image data with electronic signature.
- However, as the use of secret key is closed in the device and it must not exit to the outside, it is necessary to hold different secret keys in devices or IC cards. That is, even in the same type multi-function equipments belonging to the same convenience store group, as the secret keys are different in different shops or devices, it is necessary for a receiver to obtain a public key corresponding to the shop or device. Further, as it is necessary for a person who manages the secret keys to hold a lot of keys, the management cost is increased.
- According to one aspect of the present invention, the foregoing object is attained by providing calculating a feature amount of image data, transmitting the feature amount to a signature server, receiving electronic signature data generated from the feature amount by the signature server, verifying the received electronic signature data using the feature amount, and if the result of verification indicates that the electronic signature data is proper for the image data, generating image data with electronic signature where the electronic signature data is added to the image data.
- According to the present invention, it is possible to reduce the trouble of association between image data and signature data, and reduce the load of key management, and further, verify the validity of signature data.
- Other features and advantages of the present invention will be apparent from the following description taken in conjunction with the accompanying drawings, in which like reference characters designate the same name or similar parts throughout the figures thereof.
- The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the invention and, together with the description, serve to explain the principles of the invention.
-
FIG. 1 illustrates connection relation among multi-function devices, a signature server, clients and the like, according to an embodiment of the present invention: -
FIG. 2 is a block diagram showing the functional construction of the multi-function device; -
FIG. 3 is a block diagram showing the hardware construction of the multi-function device; -
FIG. 4 is a block diagram showing the hardware construction of the signature server, a mail server and the client; -
FIG. 5 is a flowchart showing processing performed by a controller of the multi-function device; -
FIG. 6 is a flowchart showing the details of the processing performed by the controller of the multi-function device; and -
FIG. 7 is a flowchart showing electronic-signature data generation processing performed by the signature server. - A preferred embodiment of the present invention will now be described in detail in accordance with the accompanying drawings.
-
FIG. 1 illustrates connection relation among multi-function devices, a signature server, clients and the like, according to an embodiment of the present invention. - A
signature server 11, amail server 12,clients multi-function devices network 14. For example, image data with signature transmitted from themulti-function device 17 is received by theclient 15 via themail server 12. Further, in signature processing according to the embodiment, themulti-function device 17 transmits a feature amount of image data to thesignature sever 11, and thesignature server 11 transmits generated signature data to themulti-function device 17. -
FIG. 2 is a block diagram showing the functional construction of themulti-function devices - A
controller 21 controls the multi-function device, and communicates with the outside via acommunication interface 22. Thecommunication interface 22 is a network interface such as Ethernet?, a serial bus interface such as USB (Universal Serial Bus) or IEEE 1394, an infrared communication, or a radio communication interface. - The
controller 21 controls ascanner engine 23, aprinter engine 24, and a FAX (facsimile)board 25. - The
printer engine 24 is a laser-beam printer, an ink-jet printer, or other type of printer. TheFAX board 25 realizes a facsimile function by communication control upon facsimile transmission/reception of image. - A
user interface 26, having e.g. an LCD and a keyboard, displays information received from thecontroller 21 on the LCD, and sends an instruction inputted by a user with the keyboard to thecontroller 21. - The
controller 21 receives a print job via thecommunication interface 22, then selects theprinter engine 24 to execute the received print job. - Further, when a scan job is designated via the
communication interface 22 or theuser interface 26, thecontroller 21 selects thescanner engine 23, to execute the scan job to obtain an image of a document placed on a document plate and transmit the obtained image to a designated client or the like via thecommunication interface 22 or theuser interface 26. Further, when an image transmission job is designated via thecommunication interface 22, thecontroller 21 executes the transmission job to transmit a received image to a designated client or the like. - Note that the transmission job can be designated from the
clients communication interface 22 or theuser interface 26. For example, PDP (Portable Document Format), TIFF (Tagged-Image File Format) and JPEG (Joint Photographic Image Experts Group) can be designated. - Further, when a copy job is designated via the
user interface 26, thecontroller 21 selects theprinter engine 24 and thescanner engine 23 to duplicate an image of document placed on the document plate. - Further, when a facsimile transmission job is designated via the
communication interface 22 or theuser interface 26, thecontroller 21 selects theFAX board 25 to execute the facsimile transmission job to facsimile-transmit an image received via thecommunication interface 22 or a document image obtained by thescanner engine 23. Further, when an image has been received via theFAX board 25, thecontroller 21 causes theprinter engine 24 to print-output the received image. - Further, the
controller 21 is capable of detection of feature amount of image data generated by a scan job, transmission of feature amount via thecommunication interface 22 to thesignature server 11, and reception and signature verification of signature data. -
FIG. 3 is a block diagram showing the hardware construction of themulti-function devices - The
controller 21 has aCPU 101 which performs processing programs to be described later, stored in aROM 105 and a hard disk (DISK) 110, with a RAM 102 as a work memory, and controls other units via asystem bus 120. TheCPU 101 temporarily stores attribute information indicating the function and state of a job processed by the multi-function device, job data as the subject of output, a received image and the like, into thehard disk 110. Further, theuser interface 26 has anLCD 103 and akeyboard 104. -
FIG. 4 is a block diagram showing the hardware construction of thesignature server 11, themail server 12 and theclients - A
CPU 201 performs programs of processings to be described later, stored in aROM 205 and ahard disk 207, with aRAM 202 as a work memory, and controls other units via asystem bus 208. Further, theCPU 201 displays a user interface, a processing state and a processing result on a monitor such as an LCD via amonitor interface 203. Further, theCPU 201 receives the user's instruction via a pointing device such as a keyboard or a mouse connected to akeyboard interface 204. Further, theCPU 201 temporarily stores attribute information indicating the function and status of a job processed by themulti-function devices hard disk 207. Further, theCPU 201 communicates with an external device via thecommunication interface 206. - Note that the
signature server 11 performs signature data generation processing to be described later. Themail server 12 performs processing as an electronic mail server based on a protocol such as an SMTP (Simple Mail Transfer Protocol), POP (Post Office Protocol) or an IMAP (Internet Message Access Protocol). Theclients multi-function devices mail server 12. -
FIG. 5 is a flowchart showing processing performed by thecontroller 21 of themulti-function devices - The
controller 21 performs image input processing by reading a document image by thescanner engine 23 or receiving image data via the communication interface 22 (S1). - Next, the
controller 21 calculates the feature amount of the input image data, and transmits the calculated feature amount via thecommunication interface 22 to the signature server 11 (S2). Then, thecontroller 21 receives signature data generated by thesignature server 11, decodes the received signature data using a public key, corresponding to a secret key held in thesignature server 11, stored in thehard disk 110 or the like. Then thecontroller 21 compares the decoded signature data with the feature amount of the image data. If it is determined that they correspond with each other, the controller associates the signature data with the image data (S3). Note that the communication with thesignature server 11 is not particularly limited, however, in the case of communication between themulti-function devices signature server 11, it may be arranged such that information can be kept secret by SSL (Secure Socket Layer) or the like. - Next, the
controller 21 transmits the image data with the signature data as an electronic mall via thecommunication interface 22 to the mail server 12 (S4). Themail server 22 transmits the received electronic mail to theclient - Note that the image data with the signature data may be transmitted to the
client -
FIG. 6 is a flowchart showing the details of the processing performed by thecontroller 21 of themulti-function devices - When the scan job or transmission job has been designated via the
user interface 21 or thecommunication interface 22, thecontroller 21 performs the above-described image input processing (S101), calculates a hash value (HV) as the feature amount of the input image data (S102), and transmits the calculated HV, with a signature-data generation request, to the signature server 11 (S103). Then thecontroller 21 receives signature data returned from the signature server 11 (S104), decodes the received signature data and compares the signature data with the HV, thereby verifies the signature data (S105). - Next, if it is determined that the compared two data do not correspond with each other, the
controller 21 determines that the signature data has been altered, and displays an error message on theuser interface 26 or notifies it to a client or the like that designated the transmission job (S108). Further, if it is determined that the compared two data correspond with each other (the signature verification has been normally performed), thecontroller 21 adds or attaches the signature data to the image data thereby generates image data with signature data (S106), transmits the image data with signature data as an electronic mail to a designated transmission destination (S107), and displays information on the transmission on theuser interface 26 or notifies it to the client or the like that designated the transmission job (S108). -
FIG. 7 is a flowchart showing electronic-signature data generation processing performed by thesignature server 11. - The
signature server 11 waits for the signature data generation request (S201), and when the request has been received, encrypts an HV received with the request using a secret key held inside, thereby generates signature data (S202). Thesignature server 11 abandons the received HV (S203), and transmits the generated signature data, with a response to the received request, to a request originator (5204). Thereafter, the process returns to step S201. - In this manner, according to the present embodiment, as the secret key utilized in generation of signature is managed by the
signature server 11, the secret key is held only by thesignature server 11. The number of keys can be reduced, and the trouble of key management can be reduced. - As the hash value is generated by the
multi-function devices signature server 11, scan data itself does not flow on thenetwork 14. Accordingly, the above communication is secure in comparison with the conventional case where all the signature-related operations are performed in thesignature server 11. - As the
multi-function devices clients clients - Before the
multi-function devices clients multi-function devices multi-function devices signature server 11. - Other Embodiment
- The present invention is not limited to the above embodiment and various changes and modifications can be made within the spirit and scope of the present invention. Therefore, to appraise the public of the scope of the present invention, the following claims are made.
- The present invention can be applied to a system constituted by a plurality of devices (e.g., host computer, interface, reader, printer) or to an apparatus comprising a single device (e.g., copying machine, facsimile machine).
- Further, the object of the present invention can also be achieved by providing a storage medium storing program codes for performing the aforesaid processes to a computer system or apparatus (e.g., a personal computer), reading the program codes, by a CPU or MPU of the computer system or apparatus, from the storage medium, then executing the program.
- In this case, the program codes read from the storage medium realize the functions according to the embodiments, and the storage medium storing the program codes constitutes the invention.
- Further, the storage medium, such as a flexible disk, a hard disk, an optical disk, a magneto-optical disk, CD-ROM, CD-R, a magnetic tape, a non-volatile type memory card, and ROM can be used for providing the program codes.
- Furthermore, besides aforesaid functions according to the above embodiments are realized by executing the program codes which are read by a computer, the present invention includes a case where an OS (operating system) or the like working on the computer performs a part or entire processes in accordance with designations of the program codes and realizes functions according to the above embodiments.
- Furthermore, the present invention also includes a case where, after the program codes read from the storage medium are written in a function expansion card which is inserted into the computer or in a memory provided in a function expansion unit which is connected to the computer, CPU or the like contained in the function expansion card or unit performs a part or entire process in accordance with designations of the program codes and realizes functions of the above embodiments.
- In a case where the present invention is applied to the aforesaid storage medium, the storage medium stores program codes corresponding to the flowcharts described in the embodiments.
- As many apparently widely different embodiments of the present invention can be made without departing from the spirit and scope thereof, it is to be understood that the invention is not limited to the specific embodiments thereof except as defined in the claims.
- Claim of Priority
- This application claims priority from Japanese Patent Application No. 2004-232499, filed on Aug. 9, 2004, which is hereby incorporated by reference herein.
Claims (8)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004232499A JP2006050504A (en) | 2004-08-09 | 2004-08-09 | Image processing device and method thereof |
JP2004-232499 | 2004-08-09 |
Publications (2)
Publication Number | Publication Date |
---|---|
US20060031678A1 true US20060031678A1 (en) | 2006-02-09 |
US7747863B2 US7747863B2 (en) | 2010-06-29 |
Family
ID=35758875
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/199,143 Expired - Fee Related US7747863B2 (en) | 2004-08-09 | 2005-08-09 | Image processing apparatus and its method |
Country Status (3)
Country | Link |
---|---|
US (1) | US7747863B2 (en) |
JP (1) | JP2006050504A (en) |
CN (1) | CN100515074C (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150256716A1 (en) * | 2014-03-06 | 2015-09-10 | Canon Kabushiki Kaisha | Information processing apparatus, control method, and storage medium storing program |
US20150341178A1 (en) * | 2014-05-23 | 2015-11-26 | Panasonic Intellectual Property Management Co., Ltd. | Certificate issuing system, client terminal, server device, certificate acquisition method, and certificate issuing method |
US10091385B2 (en) * | 2017-02-20 | 2018-10-02 | Kabushiki Kaisha Toshiba | Information processing apparatus and image forming apparatus |
US11245798B2 (en) * | 2018-10-16 | 2022-02-08 | Canon Kabushiki Kaisha | Information processing apparatus, control method therefor, and storage medium |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4626625B2 (en) * | 2007-03-16 | 2011-02-09 | 富士ゼロックス株式会社 | Electronic signature system, image forming apparatus, and program |
JP2011096050A (en) * | 2009-10-30 | 2011-05-12 | Kyocera Mita Corp | Method, program and apparatus for preparing installer, and installer system |
JP5467592B2 (en) * | 2009-11-13 | 2014-04-09 | セイコーインスツル株式会社 | Long-term signature server |
Citations (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5499294A (en) * | 1993-11-24 | 1996-03-12 | The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration | Digital camera with apparatus for authentication of images produced from an image file |
US6144744A (en) * | 1997-06-30 | 2000-11-07 | International Business Machines Corporation | Method and apparatus for the secure transfer of objects between cryptographic processors |
US20020078355A1 (en) * | 2000-12-15 | 2002-06-20 | Vipin Samar | Method and apparatus for delegating digital signatures to a signature server |
US20020174338A1 (en) * | 2001-05-08 | 2002-11-21 | Taminori Tomita | Digital signature verification apparatus |
US20030056107A1 (en) * | 2001-09-17 | 2003-03-20 | Cammack William E. | Secure bootloader for securing digital devices |
US6601172B1 (en) * | 1997-12-31 | 2003-07-29 | Philips Electronics North America Corp. | Transmitting revisions with digital signatures |
US20030218061A1 (en) * | 2002-05-23 | 2003-11-27 | Parascript Llc | Distributed signature verification with dynamic database of reference signatures |
US20050010767A1 (en) * | 2003-06-19 | 2005-01-13 | International Business Machines Corporation | System and method for authenticating software using hidden intermediate keys |
US6873715B2 (en) * | 2002-01-31 | 2005-03-29 | You-Ti Kuo | System of central signature verifications and electronic receipt transmissions |
US6934846B2 (en) * | 2003-01-22 | 2005-08-23 | Walter Szrek | Method of generating unpredictable and auditable random numbers |
US20060036864A1 (en) * | 1999-12-28 | 2006-02-16 | Parulski Kenneth A | Digital camera with image authentication |
US7114074B2 (en) * | 2003-12-22 | 2006-09-26 | Graphic Security Systems Corporation | Method and system for controlling encoded image production using image signatures |
US7194620B1 (en) * | 1999-09-24 | 2007-03-20 | Verizon Business Global Llc | Method for real-time data authentication |
US7302585B1 (en) * | 1999-05-28 | 2007-11-27 | Hewlett-Packard Development Company, L.P. | System for providing a trustworthy user interface |
US7394573B1 (en) * | 1999-04-14 | 2008-07-01 | Xerox Corporation | System for authenticating hardcopy documents |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2570635B2 (en) * | 1994-11-07 | 1997-01-08 | 日本電気株式会社 | Digital signature method |
EP1132828A4 (en) * | 1999-09-17 | 2007-10-10 | Sony Corp | Data providing system and method therefor |
SE522260C2 (en) * | 1999-10-01 | 2004-01-27 | Ericsson Telefon Ab L M | Method, system and security adapter for executing secure data transmission in a wireless network |
JP2002229451A (en) * | 2001-02-02 | 2002-08-14 | Casio Comput Co Ltd | System, method, and program for guaranteeing date and hour of creation of data |
JP4543570B2 (en) * | 2001-03-14 | 2010-09-15 | ソニー株式会社 | Verification system |
JP3793042B2 (en) * | 2001-05-14 | 2006-07-05 | 日本電信電話株式会社 | Electronic signature proxy method, apparatus, program, and recording medium |
JP2003244139A (en) * | 2002-02-20 | 2003-08-29 | Amano Corp | Time stamp imprinting system to electronic document, and program medium thereof |
JP2003333037A (en) * | 2002-05-13 | 2003-11-21 | Yozan Inc | Electronic document transceiver and electronic document transceiver system |
JP4027725B2 (en) * | 2002-06-14 | 2007-12-26 | 株式会社日立製作所 | Electronic signature method |
JP4304957B2 (en) * | 2002-10-29 | 2009-07-29 | 富士ゼロックス株式会社 | Job processing control apparatus and job processing control method |
-
2004
- 2004-08-09 JP JP2004232499A patent/JP2006050504A/en active Pending
-
2005
- 2005-08-09 US US11/199,143 patent/US7747863B2/en not_active Expired - Fee Related
- 2005-08-09 CN CN200510091176.3A patent/CN100515074C/en not_active Expired - Fee Related
Patent Citations (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5499294A (en) * | 1993-11-24 | 1996-03-12 | The United States Of America As Represented By The Administrator Of The National Aeronautics And Space Administration | Digital camera with apparatus for authentication of images produced from an image file |
US6144744A (en) * | 1997-06-30 | 2000-11-07 | International Business Machines Corporation | Method and apparatus for the secure transfer of objects between cryptographic processors |
US6601172B1 (en) * | 1997-12-31 | 2003-07-29 | Philips Electronics North America Corp. | Transmitting revisions with digital signatures |
US7394573B1 (en) * | 1999-04-14 | 2008-07-01 | Xerox Corporation | System for authenticating hardcopy documents |
US7302585B1 (en) * | 1999-05-28 | 2007-11-27 | Hewlett-Packard Development Company, L.P. | System for providing a trustworthy user interface |
US7194620B1 (en) * | 1999-09-24 | 2007-03-20 | Verizon Business Global Llc | Method for real-time data authentication |
US20060036864A1 (en) * | 1999-12-28 | 2006-02-16 | Parulski Kenneth A | Digital camera with image authentication |
US20020078355A1 (en) * | 2000-12-15 | 2002-06-20 | Vipin Samar | Method and apparatus for delegating digital signatures to a signature server |
US7210037B2 (en) * | 2000-12-15 | 2007-04-24 | Oracle International Corp. | Method and apparatus for delegating digital signatures to a signature server |
US20020174338A1 (en) * | 2001-05-08 | 2002-11-21 | Taminori Tomita | Digital signature verification apparatus |
US20030056107A1 (en) * | 2001-09-17 | 2003-03-20 | Cammack William E. | Secure bootloader for securing digital devices |
US6873715B2 (en) * | 2002-01-31 | 2005-03-29 | You-Ti Kuo | System of central signature verifications and electronic receipt transmissions |
US20030218061A1 (en) * | 2002-05-23 | 2003-11-27 | Parascript Llc | Distributed signature verification with dynamic database of reference signatures |
US6934846B2 (en) * | 2003-01-22 | 2005-08-23 | Walter Szrek | Method of generating unpredictable and auditable random numbers |
US20050010767A1 (en) * | 2003-06-19 | 2005-01-13 | International Business Machines Corporation | System and method for authenticating software using hidden intermediate keys |
US7114074B2 (en) * | 2003-12-22 | 2006-09-26 | Graphic Security Systems Corporation | Method and system for controlling encoded image production using image signatures |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150256716A1 (en) * | 2014-03-06 | 2015-09-10 | Canon Kabushiki Kaisha | Information processing apparatus, control method, and storage medium storing program |
US20150341178A1 (en) * | 2014-05-23 | 2015-11-26 | Panasonic Intellectual Property Management Co., Ltd. | Certificate issuing system, client terminal, server device, certificate acquisition method, and certificate issuing method |
US9525557B2 (en) * | 2014-05-23 | 2016-12-20 | Panasonic Intellectual Property Management Co., Ltd. | Certificate issuing system, client terminal, server device, certificate acquisition method, and certificate issuing method |
US10091385B2 (en) * | 2017-02-20 | 2018-10-02 | Kabushiki Kaisha Toshiba | Information processing apparatus and image forming apparatus |
US11245798B2 (en) * | 2018-10-16 | 2022-02-08 | Canon Kabushiki Kaisha | Information processing apparatus, control method therefor, and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN1735195A (en) | 2006-02-15 |
US7747863B2 (en) | 2010-06-29 |
JP2006050504A (en) | 2006-02-16 |
CN100515074C (en) | 2009-07-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7535488B2 (en) | Image data verification system | |
US7552335B2 (en) | Information processing apparatus, method therefor, computer program, and computer-readable storage medium | |
US8171526B2 (en) | Service providing system, information processing apparatus, service providing server and service providing method | |
US7526656B2 (en) | Encryption/decryption system and method for the same | |
JP4845398B2 (en) | Image processing apparatus and control method executed by image processing apparatus | |
US8054970B2 (en) | Image forming apparatus, image forming method, information processing apparatus and information processing method | |
US7747863B2 (en) | Image processing apparatus and its method | |
US20100023781A1 (en) | Data processing apparatus, data storage device, and data processing method therefor | |
JP5251752B2 (en) | Method for printing locked print data using user and print data authentication | |
US10250391B2 (en) | Communication apparatus, method of controlling the same, and storage medium | |
KR20000075866A (en) | Transmitting revisions with digital signatures | |
JP3900791B2 (en) | Image output device | |
US7152159B2 (en) | Encrypted mail transmission system | |
US20080019519A1 (en) | System and method for secure facsimile transmission | |
US8185950B2 (en) | Image forming apparatus, method for management of authenticating information and computer readable medium storing program thereof | |
JP2011139380A (en) | Image processing system, control method, program, and recording medium | |
JP2005216133A (en) | Information processor, output device, print data generation method and print data output method | |
JP6176982B2 (en) | Printing apparatus and control method thereof | |
JP4836499B2 (en) | Network printing system | |
JP2000174969A (en) | Equipment and method for communication | |
JP2003348079A (en) | Image forming apparatus | |
JP5145814B2 (en) | Data transmission / reception system, data reception device, data transmission / reception method, data reception method, and data reception program | |
US20090279702A1 (en) | Image processing apparatus and control method thereof | |
JP2008187245A (en) | Image information transmission device and image information transmission management program | |
JP4626625B2 (en) | Electronic signature system, image forming apparatus, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CANON KABUSHIKI KAISHA,JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:YASUHARA, HIROSHI;REEL/FRAME:016874/0370 Effective date: 20050808 Owner name: CANON KABUSHIKI KAISHA, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:YASUHARA, HIROSHI;REEL/FRAME:016874/0370 Effective date: 20050808 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
FPAY | Fee payment |
Year of fee payment: 4 |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.) |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20220629 |